CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45335
https://notcve.org/view.php?id=CVE-2024-45335
22 Oct 2024 — Trend Micro Antivirus One, version 3.10.4 and below contains a vulnerability that could allow an attacker to use a specifically crafted virus to allow itself to bypass and evade a virus scan detection. • https://helpcenter.trendmicro.com/en-us/article/tmka-07255 • CWE-1037: Processor Optimization Removal or Modification of Security-critical Code •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45334
https://notcve.org/view.php?id=CVE-2024-45334
22 Oct 2024 — Trend Micro Antivirus One versions 3.10.4 and below (Consumer) is vulnerable to an Arbitrary Configuration Update that could allow unauthorized access to product configurations and functions. • https://helpcenter.trendmicro.com/en-us/article/TMKA-14461 • CWE-284: Improper Access Control •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2008-5545
https://notcve.org/view.php?id=CVE-2008-5545
12 Dec 2008 — Trend Micro VSAPI 8.700.0.1004 in Trend Micro AntiVirus, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. Trend Micro VSAPI v8.700.0.1004 en Trend Micro AntiVirus, cuando se utiliza Internet Explorer 6 o 7, permite a ataca... • http://securityreason.com/securityalert/4723 • CWE-20: Improper Input Validation •
CVSS: 7.2EPSS: 1%CPEs: 3EXPL: 0CVE-2007-6386
https://notcve.org/view.php?id=CVE-2007-6386
15 Dec 2007 — Stack-based buffer overflow in PccScan.dll before build 1451 in Trend Micro AntiVirus plus AntiSpyware 2008, Internet Security 2008, and Internet Security Pro 2008 allows user-assisted remote attackers to cause a denial of service (SfCtlCom.exe crash), and allows local users to gain privileges, via a malformed .zip archive with a long name, as demonstrated by a .zip file created via format string specifiers in a crafted .uue file. Desbordamiento de buffer relacionado con la pila en PccScan.dll, en versiones... • http://esupport.trendmicro.com/support/viewxml.do?ContentID=1036464 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-1591
https://notcve.org/view.php?id=CVE-2007-1591
22 Mar 2007 — VsapiNT.sys in the Scan Engine 8.0 for Trend Micro AntiVirus 14.10.1041, and other products, allows remote attackers to cause a denial of service (kernel fault and system crash) via a crafted UPX file with a certain field that triggers a divide-by-zero error. VsapiNT.sys en el Scan Engine 8.0 para Trend Micro AntiVirus 14.10.1041, y otros productos, permite a atacantes remotos provocar una denegación de servicio (fallo del núcleo y caída del sistema) mediante un fichero UPX manipulado con un campo concreto ... • http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034587 •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2007-0856
https://notcve.org/view.php?id=CVE-2007-0856
08 Feb 2007 — TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.320.0.1003 scan engine, as used in Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware for SMB 3.2 SP1, Anti-Spyware for Consumer 3.5, Anti-Spyware for Enterprise 3.0 SP2, Client / Server / Messaging Security for SMB 3.5, Damage Cleanup Services 3.2, and possibly other products, assigns Everyone write permission for the \\.\TmComm DOS device interface, which allows local users to access p... • http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034432&id=EN-1034432 •